summaryrefslogtreecommitdiff
path: root/src/util
diff options
context:
space:
mode:
Diffstat (limited to 'src/util')
-rw-r--r--src/util/Makefile.am6
-rw-r--r--src/util/anastasis-config.c6
-rw-r--r--src/util/anastasis-config.in5
-rw-r--r--src/util/anastasis-crypto-tvg.c32
-rw-r--r--src/util/anastasis_crypto.c151
-rw-r--r--src/util/os_installation.c4
-rw-r--r--src/util/pin.c84
-rw-r--r--src/util/test_anastasis_crypto.c28
8 files changed, 218 insertions, 98 deletions
diff --git a/src/util/Makefile.am b/src/util/Makefile.am
index 22c7a1c..29d2b13 100644
--- a/src/util/Makefile.am
+++ b/src/util/Makefile.am
@@ -26,6 +26,9 @@ anastasis-config: anastasis-config.in
chmod a-w+x $@.tmp && \
mv $@.tmp $@
+CLEANFILES = \
+ anastasis-config
+
bin_SCRIPTS = \
anastasis-config
@@ -34,7 +37,8 @@ lib_LTLIBRARIES = \
libanastasisutil_la_SOURCES = \
anastasis_crypto.c \
- os_installation.c
+ os_installation.c \
+ pin.c
libanastasisutil_la_LIBADD = \
-lgnunetutil \
$(LIBGCRYPT_LIBS) \
diff --git a/src/util/anastasis-config.c b/src/util/anastasis-config.c
index 0c2cb29..34574d1 100644
--- a/src/util/anastasis-config.c
+++ b/src/util/anastasis-config.c
@@ -3,16 +3,16 @@
Copyright (C) 2012-2021 Anastasis Systems SA
Anastasis is free software: you can redistribute it and/or modify it
- under the terms of the GNU Affero General Public License as published
+ under the terms of the GNU General Public License as published
by the Free Software Foundation, either version 3 of the License,
or (at your option) any later version.
Anastasis is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Affero General Public License for more details.
+ General Public License for more details.
- You should have received a copy of the GNU Affero General Public License
+ You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
SPDX-License-Identifier: AGPL3.0-or-later
diff --git a/src/util/anastasis-config.in b/src/util/anastasis-config.in
index 0e94921..6657540 100644
--- a/src/util/anastasis-config.in
+++ b/src/util/anastasis-config.in
@@ -7,6 +7,7 @@ if ! type gnunet-config >/dev/null; then
exit 1
fi
-GC=`which gnunet-config`
-export LD_PRELOAD=${LD_PRELOAD:-}:%libdir%/libanastasisutil.so
+GC=$(which gnunet-config)
+SO=$(ls %libdir%/libanastasisutil.so.* | sort -n | tail -n1)
+export LD_PRELOAD=${LD_PRELOAD:-}:${SO}
exec gnunet-config "$@"
diff --git a/src/util/anastasis-crypto-tvg.c b/src/util/anastasis-crypto-tvg.c
index b426ee5..d5fc4c1 100644
--- a/src/util/anastasis-crypto-tvg.c
+++ b/src/util/anastasis-crypto-tvg.c
@@ -3,14 +3,14 @@
Copyright (C) 2020,2021 Anastasis SARL
Anastasis is free software; you can redistribute it and/or modify it under the
- terms of the GNU Lesser General Public License as published by the Free Software
+ terms of the GNU General Public License as published by the Free Software
Foundation; either version 3, or (at your option) any later version.
Anastasis is distributed in the hope that it will be useful, but WITHOUT ANY
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
- A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
- You should have received a copy of the GNU Affero General Public License along with
+ You should have received a copy of the GNU General Public License along with
Anastasis; see the file COPYING.GPL. If not, see <http://www.gnu.org/licenses/>
*/
@@ -134,24 +134,6 @@ d2j_append (json_t *arr,
d, \
sizeof (*d));
-/**
- * Add a number to a test vector.
- *
- * @param vec test vector to add to
- * @param label label for the value
- * @param data data to add
- * @param size size of data
- */
-static void
-uint2j (json_t *vec,
- const char *label,
- unsigned int num)
-{
- json_t *json = json_integer (num);
-
- json_object_set_new (vec, label, json);
-}
-
static int
expect_data_fixed (json_t *vec,
@@ -356,7 +338,7 @@ output_vectors ()
{
json_t *vec = vec_for (vecs, "user_identifier_derive");
- struct ANASTASIS_CRYPTO_ProviderSaltP server_salt;
+ struct ANASTASIS_CRYPTO_ProviderSaltP provider_salt;
struct ANASTASIS_CRYPTO_UserIdentifierP id;
json_t *id_data = json_pack ("{s:s, s:s}",
"name",
@@ -364,13 +346,13 @@ output_vectors ()
"ssn",
"AB123");
GNUNET_assert (NULL != id_data);
- random_auto (&server_salt);
+ random_auto (&provider_salt);
ANASTASIS_CRYPTO_user_identifier_derive (id_data,
- &server_salt,
+ &provider_salt,
&id);
json_object_set_new (vec, "input_id_data", id_data);
- d2j_auto (vec, "input_server_salt", &server_salt);
+ d2j_auto (vec, "input_provider_salt", &provider_salt);
d2j_auto (vec, "output_id", &id);
}
diff --git a/src/util/anastasis_crypto.c b/src/util/anastasis_crypto.c
index f5e6c77..579f097 100644
--- a/src/util/anastasis_crypto.c
+++ b/src/util/anastasis_crypto.c
@@ -3,14 +3,14 @@
Copyright (C) 2020 Anastasis SARL
Anastasis is free software; you can redistribute it and/or modify it under the
- terms of the GNU Lesser General Public License as published by the Free Software
+ terms of the GNU General Public License as published by the Free Software
Foundation; either version 3, or (at your option) any later version.
Anastasis is distributed in the hope that it will be useful, but WITHOUT ANY
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
- A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
- You should have received a copy of the GNU Affero General Public License along with
+ You should have received a copy of the GNU General Public License along with
Anastasis; see the file COPYING.GPL. If not, see <http://www.gnu.org/licenses/>
*/
/**
@@ -41,6 +41,10 @@ ANASTASIS_hash_answer (uint64_t code,
GNUNET_CRYPTO_hash (cbuf,
strlen (cbuf),
hashed_code);
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ "Hashed answer %llu to %s\n",
+ (unsigned long long) code,
+ GNUNET_h2s (hashed_code));
}
@@ -91,28 +95,23 @@ derive_key (const void *key_material,
const char *salt,
struct ANASTASIS_CRYPTO_SymKeyP *key)
{
- if (GNUNET_YES !=
- GNUNET_CRYPTO_kdf (key,
- sizeof (struct ANASTASIS_CRYPTO_SymKeyP),
- /* salt / XTS */
- nonce,
- sizeof (struct ANASTASIS_CRYPTO_NonceP),
- /* ikm */
- key_material,
- key_m_len,
- /* info chunks */
- /* The "salt" passed here is actually not something random,
- but a protocol-specific identifier string. Thus
- we pass it as a context info to the HKDF */
- salt,
- strlen (salt),
- NULL,
- 0))
- {
- // FIXME: Huh?! Why would we continue here?
- GNUNET_break (0);
- return;
- }
+ GNUNET_assert (GNUNET_YES ==
+ GNUNET_CRYPTO_kdf (key,
+ sizeof (*key),
+ /* salt / XTS */
+ nonce,
+ sizeof (*nonce),
+ /* ikm */
+ key_material,
+ key_m_len,
+ /* info chunks */
+ /* The "salt" passed here is actually not something random,
+ but a protocol-specific identifier string. Thus
+ we pass it as a context info to the HKDF */
+ salt,
+ strlen (salt),
+ NULL,
+ 0));
}
@@ -170,8 +169,9 @@ anastasis_encrypt (const struct ANASTASIS_CRYPTO_NonceP *nonce,
* @param salt salt value which is used for key derivation
* @param[out] res plaintext output
* @param[out] res_size size of the plaintext
+ * @return #GNUNET_OK on success
*/
-static void
+static enum GNUNET_GenericReturnValue
anastasis_decrypt (const void *key,
size_t key_len,
const void *data,
@@ -184,8 +184,11 @@ anastasis_decrypt (const void *key,
struct ANASTASIS_CRYPTO_SymKeyP skey;
size_t plaintext_size;
- GNUNET_assert (data_size >= crypto_secretbox_NONCEBYTES
- + crypto_secretbox_MACBYTES);
+ if (data_size < crypto_secretbox_NONCEBYTES + crypto_secretbox_MACBYTES)
+ {
+ GNUNET_break (0);
+ return GNUNET_SYSERR;
+ }
nonce = data;
derive_key (key,
key_len,
@@ -204,14 +207,16 @@ anastasis_decrypt (const void *key,
{
GNUNET_break (0);
GNUNET_free (*res);
+ return GNUNET_SYSERR;
}
+ return GNUNET_OK;
}
void
ANASTASIS_CRYPTO_user_identifier_derive (
const json_t *id_data,
- const struct ANASTASIS_CRYPTO_ProviderSaltP *server_salt,
+ const struct ANASTASIS_CRYPTO_ProviderSaltP *provider_salt,
struct ANASTASIS_CRYPTO_UserIdentifierP *id)
{
char *json_enc;
@@ -220,7 +225,7 @@ ANASTASIS_CRYPTO_user_identifier_derive (
json_enc = json_dumps (id_data,
JSON_COMPACT | JSON_SORT_KEYS);
GNUNET_assert (NULL != json_enc);
- GNUNET_CRYPTO_pow_hash (&server_salt->salt,
+ GNUNET_CRYPTO_pow_hash (&provider_salt->salt,
json_enc,
strlen (json_enc),
&hash);
@@ -332,9 +337,9 @@ ANASTASIS_CRYPTO_keyshare_encrypt (
sizeof (nonce));
anastasis_encrypt (&nonce,
id,
- sizeof (struct ANASTASIS_CRYPTO_UserIdentifierP),
+ sizeof (*id),
key_share,
- sizeof (struct ANASTASIS_CRYPTO_KeyShareP),
+ sizeof (*key_share),
(NULL == xsalt) ? salt : xsalt,
&eks,
&eks_size);
@@ -359,9 +364,9 @@ ANASTASIS_CRYPTO_keyshare_decrypt (
void *ks = NULL;
anastasis_decrypt (id,
- sizeof (struct ANASTASIS_CRYPTO_UserIdentifierP),
+ sizeof (*id),
enc_key_share,
- sizeof (struct ANASTASIS_CRYPTO_EncryptedKeyShareP),
+ sizeof (*enc_key_share),
(NULL == xsalt) ? salt : xsalt,
&ks,
&ks_size);
@@ -505,18 +510,6 @@ ANASTASIS_CRYPTO_core_secret_encrypt (
}
-/**
- * Decrypts the core secret with the master key. First the master key is decrypted with the provided policy key.
- * Afterwards the core secret is encrypted with the master key. The core secret is returned.
- *
- * @param encrypted_master_key master key for decrypting the core secret, is itself encrypted by the policy key
- * @param encrypted_master_key_size size of the encrypted master key
- * @param policy_key built policy key which will decrypt the master key
- * @param encrypted_core_secret the encrypted core secret from the user, will be encrypted with the policy key
- * @param encrypted_core_secret_size size of the encrypted core secret
- * @param[out] core_secret decrypted core secret will be returned
- * @param[out] core_secret_size size of core secret
- */
void
ANASTASIS_CRYPTO_core_secret_recover (
const void *encrypted_master_key,
@@ -561,11 +554,6 @@ ANASTASIS_CRYPTO_core_secret_recover (
}
-/**
- * Destroy a core secret encryption result.
- *
- * @param cser the result to destroy
- */
void
ANASTASIS_CRYPTO_destroy_encrypted_core_secret (
struct ANASTASIS_CoreSecretEncryptionResult *cser)
@@ -579,4 +567,65 @@ ANASTASIS_CRYPTO_destroy_encrypted_core_secret (
}
+const char *
+ANASTASIS_CRYPTO_uuid2s (const struct ANASTASIS_CRYPTO_TruthUUIDP *uuid)
+{
+ static char uuids[7];
+ char *tpk;
+
+ tpk = GNUNET_STRINGS_data_to_string_alloc (uuid,
+ sizeof (*uuid));
+ memcpy (uuids,
+ tpk,
+ sizeof (uuids) - 1);
+ GNUNET_free (tpk);
+ return uuids;
+}
+
+
+void
+ANASTASIS_CRYPTO_recovery_metadata_encrypt (
+ const struct ANASTASIS_CRYPTO_UserIdentifierP *id,
+ const void *meta_data,
+ size_t meta_data_size,
+ void **enc_meta_data,
+ size_t *enc_meta_data_size)
+{
+ const char *salt = "rmd";
+ struct ANASTASIS_CRYPTO_NonceP nonce;
+
+ GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
+ &nonce,
+ sizeof (nonce));
+ anastasis_encrypt (&nonce,
+ id,
+ sizeof (*id),
+ meta_data,
+ meta_data_size,
+ salt,
+ enc_meta_data,
+ enc_meta_data_size);
+}
+
+
+enum GNUNET_GenericReturnValue
+ANASTASIS_CRYPTO_recovery_metadata_decrypt (
+ const struct ANASTASIS_CRYPTO_UserIdentifierP *id,
+ const void *enc_meta_data,
+ size_t enc_meta_data_size,
+ void **meta_data,
+ size_t *meta_data_size)
+{
+ const char *salt = "rmd";
+
+ return anastasis_decrypt (id,
+ sizeof (*id),
+ enc_meta_data,
+ enc_meta_data_size,
+ salt,
+ meta_data,
+ meta_data_size);
+}
+
+
/* end of anastasis_crypto.c */
diff --git a/src/util/os_installation.c b/src/util/os_installation.c
index a23182e..cfcf3c3 100644
--- a/src/util/os_installation.c
+++ b/src/util/os_installation.c
@@ -3,7 +3,7 @@
Copyright (C) 2019, 2021 Anastasis SARL
Anastasis is free software; you can redistribute it and/or modify
- it under the terms of the GNU Affero General Public License as published
+ it under the terms of the GNU General Public License as published
by the Free Software Foundation; either version 3, or (at your
option) any later version.
@@ -12,7 +12,7 @@
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
- You should have received a copy of the GNU Affero General Public License
+ You should have received a copy of the GNU General Public License
along with Anastasis; see the file COPYING. If not, write to the
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
Boston, MA 02110-1301, USA.
diff --git a/src/util/pin.c b/src/util/pin.c
new file mode 100644
index 0000000..0285bb0
--- /dev/null
+++ b/src/util/pin.c
@@ -0,0 +1,84 @@
+/*
+ This file is part of GNU Anastasis.
+ Copyright (C) 2021 Anastasis SARL
+
+ Anastasis is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published
+ by the Free Software Foundation; either version 3, or (at your
+ option) any later version.
+
+ Anastasis is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with Anastasis; see the file COPYING. If not, write to the
+ Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ Boston, MA 02110-1301, USA.
+*/
+
+/**
+ * @file anastasis/src/util/pin.c
+ * @brief pin conversion functions
+ * @author Christian Grothoff
+ */
+#include "platform.h"
+#include "anastasis_util_lib.h"
+
+
+bool
+ANASTASIS_scan_pin (const char *as,
+ unsigned long long *pin)
+{
+ char dummy;
+ char s[16];
+
+ if ( (NULL != as) &&
+ (0 == strncasecmp ("A-", as, 2)) )
+ as += 2; /* skip "A-" prefix if present */
+ if (strlen (as) != 18)
+ return false;
+ if ( ('-' != as[5]) ||
+ ('-' != as[9]) ||
+ ('-' != as[14]) )
+ return false;
+ GNUNET_snprintf (s,
+ sizeof (s),
+ "%.5s%.3s%.4s%.3s",
+ as,
+ &as[6],
+ &as[10],
+ &as[15]);
+ if (1 != sscanf (s,
+ "%llu%c",
+ pin,
+ &dummy))
+ {
+ GNUNET_break (0);
+ return false;
+ }
+ return true;
+}
+
+
+const char *
+ANASTASIS_pin2s (uint64_t pin)
+{
+ static char buf[22];
+ char tmp[16];
+
+ GNUNET_assert (pin < ANASTASIS_PIN_MAX_VALUE);
+ GNUNET_snprintf (tmp,
+ sizeof (tmp),
+ "%015llu",
+ (unsigned long long) pin);
+ GNUNET_snprintf (buf,
+ sizeof (buf),
+ "A-%.5s-%.3s-%.4s-%.3s",
+ tmp,
+ &tmp[5],
+ &tmp[8],
+ &tmp[12]);
+ return buf;
+}
diff --git a/src/util/test_anastasis_crypto.c b/src/util/test_anastasis_crypto.c
index 428aebf..6132e35 100644
--- a/src/util/test_anastasis_crypto.c
+++ b/src/util/test_anastasis_crypto.c
@@ -3,16 +3,16 @@
Copyright (C) 2014-2020 Anastasis SARL
Anastasis is free software; you can redistribute it and/or modify
- it under the terms of the GNU Affero General Public License as
+ it under the terms of the GNU General Public License as
published by the Free Software Foundation; either version 3, or
(at your option) any later version.
Anastasis is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU Affero General Public License for more details.
+ GNU General Public License for more details.
- You should have received a copy of the GNU Affero General Public
+ You should have received a copy of the GNU General Public
License along with Anastasis; see the file COPYING. If not, see
<http://www.gnu.org/licenses/>
*/
@@ -41,11 +41,11 @@ test_user_identifier_derive (void)
struct ANASTASIS_CRYPTO_UserIdentifierP id_1;
struct ANASTASIS_CRYPTO_UserIdentifierP id_2;
struct ANASTASIS_CRYPTO_UserIdentifierP id_3;
- struct ANASTASIS_CRYPTO_ProviderSaltP server_salt;
+ struct ANASTASIS_CRYPTO_ProviderSaltP provider_salt;
char *salt_str = "Server-Salt-Test";
- GNUNET_memcpy (&server_salt,
+ GNUNET_memcpy (&provider_salt,
salt_str,
strlen (salt_str));
// sample data 1
@@ -59,13 +59,13 @@ test_user_identifier_derive (void)
json_object_set_new (id_data_3, "arg1", json_string ("Hallo2"));
ANASTASIS_CRYPTO_user_identifier_derive (id_data_1,
- &server_salt,
+ &provider_salt,
&id_1);
ANASTASIS_CRYPTO_user_identifier_derive (id_data_2,
- &server_salt,
+ &provider_salt,
&id_2);
ANASTASIS_CRYPTO_user_identifier_derive (id_data_3,
- &server_salt,
+ &provider_salt,
&id_3);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"UserIdentifier_1: %s\n",
@@ -97,19 +97,19 @@ test_recovery_document (void)
void *plaintext;
size_t size_plaintext;
struct ANASTASIS_CRYPTO_UserIdentifierP id;
- struct ANASTASIS_CRYPTO_ProviderSaltP server_salt;
+ struct ANASTASIS_CRYPTO_ProviderSaltP provider_salt;
int ret;
json_t *id_data = json_object ();
const char *test = "TEST_ERD";
char *salt_str = "Server-Salt-Test";
- GNUNET_memcpy (&server_salt,
+ GNUNET_memcpy (&provider_salt,
salt_str,
strlen (salt_str));
json_object_set_new (id_data, "arg1", json_string ("ID_DATA"));
ANASTASIS_CRYPTO_user_identifier_derive (id_data,
- &server_salt,
+ &provider_salt,
&id);
ANASTASIS_CRYPTO_recovery_document_encrypt (&id,
test,
@@ -296,17 +296,17 @@ test_public_key_derive (void)
{
struct ANASTASIS_CRYPTO_UserIdentifierP id;
struct ANASTASIS_CRYPTO_AccountPublicKeyP pub_key;
- struct ANASTASIS_CRYPTO_ProviderSaltP server_salt;
+ struct ANASTASIS_CRYPTO_ProviderSaltP provider_salt;
json_t *id_data = json_object ();
const char *salt_str = "Server-Salt-Test";
- GNUNET_memcpy (&server_salt,
+ GNUNET_memcpy (&provider_salt,
salt_str,
strlen (salt_str));
json_object_set_new (id_data, "arg1", json_string ("ID_DATA"));
ANASTASIS_CRYPTO_user_identifier_derive (id_data,
- &server_salt,
+ &provider_salt,
&id);
ANASTASIS_CRYPTO_account_public_key_derive (&id,
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-10 08:04:02 +0000